<?php

// Show all errors except the notice ones
error_reporting(E_ALL ^ E_NOTICE);

// Initialize session
session_id();
session_start();
header('Cache-control: private'); // IE 6 FIX

if($_POST['action'] == 'user_login')
{
	$post_user = $_POST['username'];
	$post_password = $_POST['password'];


	$dbh = new mysqli("mysql.planetnorman.net","tc_calendar_user","cmsc345");

	$dbh->select_db("tc_calendar");
	if (mysqli_connect_errno())
	{
		die('Could not connect: ' . mysql_error());
	}

	$qry = "select * from users where username = '" . $post_user. "' and password = '" . md5($post_password) . "';";
	$rs = $dbh->query($qry);

	//$rs = $dbh->query("select * from users where username = '$post_user' and password = '" . md5($post_password) . "';");
					
	// check username and password

	if(mysqli_num_rows($rs) > 0)
	{ 
		// No error? Register the session & redirect the user to his/her 'Control Panel'
		$username = $post_user;
		$_SESSION['username'] = $username;

			if($_POST['remember_me'])
			{
			// set the cookies for 1 month

			setcookie ("remember_me", true, (time() + TIME_DIFF) + (3600 * 24 * 30));
			setcookie ("info", $user_id.','.md5($password), (time() + TIME_DIFF) + (3600 * 24 * 30));
			}
	        echo 'OK'; // this response is checked in 'process-login.js'
	}
	else 
	{
  	  $auth_error = '<div id="notification_error">The login info is not correct.</div>';

  	  echo $auth_error;
	}
}
?>
